<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
  <meta http-equiv="content-type" content="text/html; charset=windows-1250">
  <meta name="generator" content="PSPad editor, www.pspad.com">
  <title>IUsers Help</title>
  <style type="text/css">
  #IUsers_Help p{
      margin: 8px;
  }
  #IUsers_Help code{
      margin: 8px;
  }
  #IUsers_Help h2, #IUsers_Help h3{
      margin: 16px 8px 0 8px;
  }
  #IUsers_Help ul li{
      list-style-type: disc !important;
  }
  #IUsers_Help .important{
      border: solid 3px red;
      color: red;
      margin: 8px;
      padding: 8px;
      font-weight: bold;
  }
  #IUsers_Help .example{
      border: solid 1px #CCC;
      background-color: #EFEFEF;
      padding: 8px;
  }
  #IUsers_Help .example code{
      margin: 0;
  }
  </style>
  </head>
  <body>
  <div id="IUsers_Help">
  
  <h2>Installing Cities</h2>
  <p>
    The cities database is 32MB when compressed and 172MB extracted, so it is not included
    with the module download. To install the cities database, you can 
    <a href="http://cmsms.antzcode.com/installing-iusers.html">follow the instructions here</a>
  </p>
  
<h2>What does it do?</h2>
<ul>
  <li><a href="listmodules.php?action=showmodulehelp&module=IUsers#fe">Front-end user management</a></li>
  <li><a href="listmodules.php?action=showmodulehelp&module=IUsers#reg">Registration and login</a></li>
  <li><a href="listmodules.php?action=showmodulehelp&module=IUsers#pages">Restrict access to pages</a></li>
  <li><a href="listmodules.php?action=showmodulehelp&module=IUsers#content">Restrict access to content</a></li>
  <li><a href="listmodules.php?action=showmodulehelp&module=IUsers#flood">Minimise impact of dos attacks (flooding)</a></li>
  <li><a href="listmodules.php?action=showmodulehelp&module=IUsers#stats">Record statistics of user behaviour</a></li>
</ul>

<h2><a name="fe"></a>Front-end user management</h2>
<p>Distinct from back-end user management, front-end user management does not grant permission to
view the CMSms admin console, nor manage the CMS. What front-end user management does is create
<u>groups</u> and <u>user accounts</u> that are used to restrict a user's access to view
and participate in certain pages.</p>

<h3>Groups and user permissions</h3>
<p>You create groups and assign members to those groups. Groups are then used to verify a
user's permission to view pages and to view content on pages.</p>
<p>The default installation of IUsers creates two groups: "public" and "private". Before a
member logs in, they belong to the group "public". After a user has logged in, they may belong to other
groups assigned by the administrator. It is recommended that all users belong to the group public, as well
as another group that gives them access to restricted content.</p>

<p>Users can be created from the CMSms admin console on the "New user" tab in
Users &amp; Groups -> Integrated user management. In this section you can also create groups,
assign members to groups, set configuration and manage user accounts.
</p>

<h2><a name="reg"></a>Registration and login</h2>
<p>When IUsers is installed, it creates a handful of pages that are used to manage user activities:</p>
<ul>
  <li>Register</li>
  <li>Login</li>
  <li>Logout</li>
  <li>Verify email</li>
  <li>Update profile</li>
  <li>Terms and conditions</li>
  <li>Lost password</li>
  <li>Change country</li>
</ul>

<p>You should move these pages to the desired position in your site heirarchy and make sure their permissions
are set correctly, including the "active" and "show in menu" options.

<h2><a name="pages"></a>Restrict access to pages</h2>
<p>The main goal of user management is to grant privilege to known users, for access to restricted content.
This is acheived by adding one line to the top of each template, and <u>before</u> the tag "{process_pagedata}":</p>
<p class="example">
<code>
{cms_module module="IUsers" action="checkperms_redirect"}
</code>
</p>
<p>This line tells the IUsers module to check the permissions that have been set for the requested page,
and if the user does not belong to one of the designated groups, redirect them to the login page. Without adding
this line to your templates, the IUsers module can not serve its purpose.</p>

<h2><a name="content"></a>Restrict access to content</h2>
<p>Portions of a page can be hidden from non-privileged users by wrapping the content in a new Smarty tag:</p>
<p class="example">
This content is visible to the public.<br>
<code>{showto groups="private,subscribers"}</code><br>
&nbsp;&nbsp;&nbsp;&nbsp;This content is only visible if the user is logged in and they belong to <u>either</u> groups "private" or "subscribers"<br>
<code>{/showto}</code>
</p>
<p>Note that the "showto" Smarty tag is installed by IUsers, and the IUsers module must be installed or it will cause
a Smarty error: "undefined tag..."</p>

<h2><a name="flood"></a>Flood control</h2>
<p>If a user requests too many pages in a minute, they are given an access denied message. The flood
capacity and interval are defined in the "Config" tab of the IUsers module in "Users &amp; Groups -> Integrated user management"</p>

<h2><a name="stats"></a>Record statistics of user behaviour</h2>
<p>IUsers records every page request into a database table. This data may be useful for tracking malicious
activity or user statistics. Eventually, the IUsers module will provide an interface for extracting these
statistics in a usable format such as graphs.</p>
<p>The "Config" tab allows you to specify whether $_SESSION, $_POST, $_GET or $_SERVER variables are
recorded into the database, but <u>this is discouraged since it will bloat your database quickly</u>.</p>
<p class="important"><strong>It is recommended to monitor and purge the table "prefix_iusers_history" when it gets excessively large.</strong></p>

</div>
  </body>
</html>
